On Wed, Apr 08, 2009 at 10:31:16PM -0500, kevin brintnall wrote: > Thoughts on what to do when we can't find an installed MD5/SHA1 > implementation? Should we allow fallback to clear-text passwords, or > bundle our own implementation?
Tobi et al, I'm considering making a "soft" dependency on OpenSSL for the rrdcached auth code. If OpenSSL is found, we use their hash routines. If not, disable authentication (basically, fall back to existing behavior). Most of the systems that would want to use rrdcached with authentication will probably have OpenSSL libs+includes. Also, this opens the door for encrypted transport at some future date if we decide to do so. For systems with no OpenSSL.. I don't think re-implementing our own hash routines, or shipping a workalike is a better solution. Thoughts? -- kevin brintnall =~ /kbr...@rufus.net/ _______________________________________________ rrd-developers mailing list rrd-developers@lists.oetiker.ch https://lists.oetiker.ch/cgi-bin/listinfo/rrd-developers